search

๐Ÿš€OSCP ROCKET

Enumeration

hashtag
Phases of Enumeration

hashtag
1. Network Enumeration

hashtag
Nmap

hashtag
Full TCP port scan

nmap -Pn -p- -oN alltcp_ports.txt $ip

hashtag
Full TCP port scan (safe scripts + version detection)

nmap -Pn -sC -sV -p- -oN alltcp.txt $ip

hashtag
Top 20 UDP port scan

nmap -Pn -sU -sV -sC --top-ports=20 -oN top_20_udp_nmap.txt $ip

hashtag
Nmap NSE Scripts:

nmap --script vuln <target-ip>

All Ports Scan:

  • nmap -p- -oN all_ports.txt <target-ip>

  • nmap -sCV -A -p- 192.168.232.211 --min-rate=10000 -oA fullportscan

Basic Scan

  • nmap -sC -sV -oN basic_scan.txt <target-ip>

  • nmap -sC -sV -o nmap -A -T5 10.10.10.x

Host Discovery

nmap -sn 10.10.1.1-254 -vv -oA hosts

netdiscover -r 10.10.10.0/24

DNS server discovery

nmap -p 53 10.10.10.1-254 -vv -oA dcs

NSE Scripts Scan

nmap -sV --script=vulscan/vulscan.nse

Running specific NSE scripts

nmap -Pn -sC -sV --script=vuln*.nse -p$ports 10.10.10.x -T5 -A

PreviousReverse ShellNextError Codes

Last updated